tomcat - Redirecting non-SSL-Traffic to SSL-Traffic correctly -
tomcat - Redirecting non-SSL-Traffic to SSL-Traffic correctly -
i have problem tomcat server.
when access site on http:// beluka.net security warning, want go away. rather want redirect user https:// www.beluka.net. guess problem security constraint in web.xml file makes http://beluka.net redirect https://beluka.net
<security-constraint> <web-resource-collection> <web-resource-name>root</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>confidential</transport-guarantee> </user-data-constraint> </security-constraint> i have working rewrite rule redirects non-www-traffic www-traffic works fine, problem rewrite rule followed after take security warning.
how can open "hole" in web.xml security constraint http:// beluka.net ?
my rewrite rule (using tuckey) is
<?xml version="1.0" encoding="utf-8"?> <!doctype urlrewrite public "-//tuckey.org//dtd urlrewrite 4.0//en" "http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd"> <!-- configuration file urlrewritefilter http://www.tuckey.org/urlrewrite/ --> <urlrewrite> <rule> <name>primary domain name check</name> <condition name="host" operator="notequal">www.beluka.net</condition> <from>^(.*)</from> <to type="permanent-redirect">https://www.beluka.net$1</to> </rule> </urlrewrite>
there several ways this.
one create new virtual host beluka.net , deploy trivial web application redirects every request www.beluka.net. way requests http://beluka.net redirected http://www.beluka.net , https://www.beluka.net , won't mis-matched host warning.
an alternative way re-order certificate san beluka.net. way certificate valid beluka.net , www.beluka.net
there other ways too.
tomcat redirect ssl web tuckey-urlrewrite-filter
Comments
Post a Comment